By Jeremy Nichols, Director, Global Threat Intelligence Center, NTT Security Holdings

At NTT, we are united in our passion about contributing to a safer society and digital future. As such, we believe that collaboration and sharing are crucial elements in the fight against cyber threats and the development of cyber threat intelligence (CTI). The NTT Security Holdings Global Threat Intelligence Center (GTIC) contributes to those efforts by maintaining and participating in partnerships at numerous levels, including government, industry bodies and other companies involved in providing cybersecurity services.

“Despite the growing threat landscape, we shared a belief that collaboration, between sectors and nations, is paramount for the protection of critical infrastructure under the current “new norm”. This “new norm” refers to the increasingly complex and persistent cyber threat environment that Chief Information Security Officers (CISOs) in the private and public sector must navigate.”

Shinichi Yokohama, CEO, NTT Security Holdings

In our 2024 Global Threat Intelligence Report, collaboration was highlighted as one of the primary recommendations – especially for small and medium-sized businesses (SMBs). We believe this is paramount to helping smaller teams ‘do more with less’ to combat the increase in incident frequency and severity, as well as rising analyst fatigue and burnout while toolsets and job responsibilities grow.

COLLABORATE

As budgets and staffing tightens, we encourage teams to evaluate joining Information Sharing and Analysis Centers, intelligence sharing communities, or collaboration efforts. These can often provide organizations with high quality insights and actionable intelligence at a lower price than one or many commercial threat intelligence feeds. The added benefit is that most allow real time analyst collaboration to gain additional viewpoints and intuition from others across the intelligence community.

Our membership in these alliances and collaborative efforts – such as the Cyber Threat Alliance – provides several advantages that enable us to accelerate our research, expand our visibility and ultimately better protect our customers.

  • Faster Research – The sharing of malicious artifacts – whether indicators of compromise (IOCs), malware binaries or detection mechanisms – enables the GTIC to expand our reach and accelerate our research. This is especially true when using partner IOCs to map malicious infrastructure against our existing tier 1 backbone insights.
  • Request For Intelligence (RFI) – Many of these communities enable members to submit requests for intelligence. This enables teams to crowdsource insights and intelligence when they may have hit a dead end on their own.
  • Expanded Visibility – No single vendor or CTI team is going to see everything; it simply isn’t practical. By joining sharing alliances or intelligence communities, teams are empowered with viewpoints they wouldn’t have previously had or insights they can leverage within their own tools or data.
  • Early Access Threat Hunting – Analyst sharing enables teams to hunt their own or customer environments for previously unknown threats. This is especially true with the Cyber Threat Alliance ‘early share’ program, where member organizations share upcoming blogs and reports which provide insights into active threats and ongoing campaigns that generally aren’t known by the industry yet.
  • Improved Situational Awareness – Even in cases where there aren’t technical indicators or intel applicable to NTT, these partnerships provide an expanded level of situational awareness while conducting our own research or producing intelligence for internal use.

This certainly isn’t an exhaustive list of the benefits of these alliances – others can include fraud and brand protection, joint takedown or disruption efforts, combined analytical projects and more! There is significant value across the board, providing a force multiplier to the GTIC and our stakeholders. We strongly encourage teams to investigate participating – whether you’re a small organization looking to bolster your own efforts or a large corporation looking to make a difference in the global fight against cybercrime.

Back to News